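#!/bin/bash
#
# Reset IPv4 netfilter state (iptables) so a ruleset can be rebuilt from
# scratch: open every built-in chain policy, flush all rules, delete all
# user-defined chains, zero the counters, then try to unload the
# conntrack/NAT modules.
#
# Policies cannot be "removed", so they are set to ACCEPT. That keeps a
# remote session alive, but it also means the host filters nothing once
# this script finishes -- load the replacement ruleset right away.
#
# Scope:
#   * Only `iptables` is invoked. IPv6 rules (ip6tables) are left as they
#     are and must be reviewed separately.
#   * Chains created by other software are flushed and deleted as well,
#     so anything that depends on them needs its rules re-applied.
#
# Deliberately no `set -e`: each step is best effort, so one failing
# command does not leave the firewall half reset.

readonly TABLES_FILE=/proc/net/ip_tables_names

# Open the filter table first. If rules were flushed while a policy was
# still DROP, a remote session would be cut off.
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# Tables currently registered with the kernel, one name per line.
tables=()
if [[ -r "$TABLES_FILE" ]]; then
  mapfile -t tables < "$TABLES_FILE"
else
  # NOTE(review): presumably this file is missing when the legacy
  # ip_tables module is not loaded (e.g. an nftables-backed iptables);
  # confirm on the target host. The explicit -Z calls below still run.
  printf 'warning: %s is not readable; no tables were flushed\n' \
    "$TABLES_FILE" >&2
fi

for table in "${tables[@]}"; do
  [[ -n "$table" ]] || continue

  # Built-in chains are listed as "Chain NAME (policy X)", user-defined
  # ones as "Chain NAME (N references)". Reset built-in policies in every
  # table, not only filter, and do it before flushing (see above).
  while read -r c chain rest; do
    if [[ "$c" == "Chain" && "$rest" == "(policy"* ]]; then
      iptables -t "$table" -P "$chain" ACCEPT
    fi
  done < <(iptables -t "$table" -L -n)

  # -F with no chain argument flushes every chain in the table.
  iptables -t "$table" -F
  # Delete user-defined chains (they are empty and unreferenced now).
  iptables -t "$table" -X
  # Zero packet and byte counters for this table.
  iptables -t "$table" -Z
done

# Zero the counters of the three common tables explicitly, so this still
# happens when the table list above could not be read.
iptables -Z
iptables -t nat -Z
iptables -t mangle -Z

# Clear out the conntrack table if possible. Unloading fails while the
# modules are still in use, which is not treated as an error.
# NOTE(review): these look like module names from older kernels; confirm
# the names used on the target kernel.
modprobe -r ipt_conntrack
modprobe -r iptable_nat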